Raise InvalidPartEncodingError on invalid multipart

[bquorning]

Multipart parser now raises Rack::Multipart::InvalidPartEncodingError if one part uses a non-ASCII compatible, non-dummy encoding.

The added test case is very similar to one specifying how ISO-2022-JP encoding is handled, so I took the liberty of rewording that a bit.

Fixes #2414.

[jeremyevans]

Thinking about this more, I think the correct place to raise this exception is not in the multipart parser, but in the query parser's _normalize_params. If you are using the multipart parser without the query parser, and this doesn't currently raise an exception, I don't think we should start raising an exception. The issue here is the query parser raises a generic exception and not a specific exception, so it would be best for the query parser to detect the incompatible encoding and raise the specific exception.

[jeremyevans]

You should make this valid UTF-16LE encoded data. Same for other cases in this PR where you are using UTF-16LE. Currently, with this being invalid UTF-16LE data, it's ambiguous whether the related specs are for ascii-incompatible encodings in general, or invalid data with the encoding.

[bquorning]

Good point.

I’ve removed this file again, and moved the unit test to spec_query_parser.rb where the data is encoded using force_encoding.

[bquorning]

Thinking about this more, I think the correct place to raise this exception is not in the multipart parser, but in the query parser's _normalize_params. If you are using the multipart parser without the query parser, and this doesn't currently raise an exception, I don't think we should start raising an exception. The issue here is the query parser raises a generic exception and not a specific exception, so it would be best for the query parser to detect the incompatible encoding and raise the specific exception.

You make a good point. I have moved the implementation into Rack::QueryParser#_normalize_params and changed the tests accordingly. I’ve pushed the change as a separate commit so the two options are easier to compare, but intent to squash them into one before it’s ready to merge. The commits are squashed now.

Would you prefer test/spec_query_parser.rb to test all ascii incompatible encodings (e.g. Encoding.list.reject(&:ascii_compatible?).each), or is it fine just testing one of them?

[jeremyevans]

This looks good to merge, other than the encoding issue you identified and one other issue.

[bquorning]

@jeremyevans Just a reminder that I consider this PR ready for review now.

[bquorning]

I pushed a fix for the TruffleRuby exception

ArgumentError: UTF-16 string byte length (5) is not a multiple of 2
    test/spec_query_parser.rb:48:in 'String#force_encoding'

by changing "Alice" to "Alice?"

The error from https://github.com/rack/rack/actions/runs/20459763308/job/59924014476 seems not related to my changes:

Because every version of releaser depends on Ruby >= 3.3.0
  and Gemfile depends on releaser >= 0,
  Ruby >= 3.3.0 is required.
So, because current Ruby version is = 3.2.9,
  version solving has failed.

Update: A fix for the last problem is proposed in #2417.

[bquorning]

Rebased and force-pushed, and CI is green.

FYI bundle exec rake is failing for Ruby 2.5 on CI but the job is still reported as passing – both on this branch, and on main. Here’s a workflow run from main from 2 months ago: https://github.com/rack/rack/actions/runs/19048129429/job/54401393373#step:4:33

[jeremyevans]

Ruby 2.4/2.5 failures being ignored is expected. That support is considered best-effort. I generally check once a month and fix issues. Looks like I need to check both Ruby 2.4/2.5. I've been checking only 2.4, assuming if that 2.5 was broken, 2.4 would be as well, but that appears to be an invalid assumption.